user-group(AAA domain view)

Function

The user-group command binds a user group to the domain.

The undo user-group command cancels the binding relationship between the domain and the user group.

By default, no user group is bound to the domain.

This command is supported only on the NetEngine 8000 F1A.

Format

user-group group-name

undo user-group [ group-name ]

Parameters

Parameter Description Value
group-name

Specifies the name of the user group bound to the domain.

The value is a string of 1 to 32 characters. The user group name must comply with the naming regulation of Windows and be case insensitive. It should not contain asterisk (*), question mask (?), and quotation mask (").

Views

AAA domain view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
aaa-access write

Usage Guidelines

Usage Scenario

A User group controls the user access authority based on ACL rules. To control the user access authority, run this command to bind an existing group to the domain.

Prerequisites

The user group to be bound to the domain has been created.

Precautions

In VS mode, this command is supported only by the admin VS.

The user group can be configured on the device or be distributed by the RADIUS server. There is no need to configure this command when the user group is distributed by the RADIUS server.

If you want to redirect to anther user group, you can configure a redirect domain and then bind the user group to the configured domain. In this way, the authenticated users and unauthenticated users can access the network from different domains.

Example

# Bind user group group1 to domain isp1.
<HUAWEI> system-view
[~HUAWEI] user-group group1
[*HUAWEI] commit
[~HUAWEI] aaa
[~HUAWEI-aaa] domain isp1
[*HUAWEI-aaa-domain-isp1] commit
[~HUAWEI-aaa-domain-isp1] user-group group1
Parent Topic: AAA and User Management Configuration (Access User)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >